
Need help securing my home network.

This is attempt number 2 to post my logs here as my browser keeps crashing. Long story short, malware infected all the computers and now I'm not really sure how to tackle the issue. Already posted my FRST log on the Malware forum so I figured I would get some advice here. Any help is much appreciated.

Error: (12/14/2017 01:58:02 PM) (Source: ESENT) (User: )
Description: taskhostw (6344,U,0) WebCacheLocal: Database recovery failed with error -1216 because it encountered references to a database, 'C:\Users\Dan\AppData\Local\Microsoft\Windows\WebCache\WebCacheV01.dat', which is no longer present. The database was not brought to a Clean Shutdown state before it was removed (or possibly moved or renamed). The database engine will not permit recovery to complete for this instance until the missing database is re-instated. If the database is truly no longer available and no longer required, procedures for recovering from this error are available in the Microsoft Knowledge Base or by following the "more information" link at the bottom of this message.

Error: (12/14/2017 03:57:02 AM) (Source: MsiInstaller) (User: DESKTOP-DL9O2RK)
Description: Product: Adobe Flash Player 27 ActiveX -- Your Microsoft Internet Explorer browser includes the latest version of the Adobe Flash Player built-in. Windows Update will inform you when new versions of the Flash Player are available.

Error: (12/14/2017 03:57:02 AM) (Source: MsiInstaller)(User: DESKTOP-DL9O2RK)
Description: Product: Adobe Flash Player 27 ActiveX -- Your Microsoft Internet Explorer browser includes the latest version of the Adobe Flash Player built-in. Windows Update will inform you when new versions of the Flash Player are available.(NULL)(NULL)(NULL)(NULL)(NULL)

I should also mention I'm normally a DIYer when it comes to computer issues, but my knowledge of advanced networking jargon is limited, i.e. Teredo/ISATAP tunneling, etc. So it's a little alarming to me to see these interfaces show up in ipconfig on a clean Windows install and a brand new router.

Yes, I'm mainly just worried about putting my mind at ease and making sure nobody has remote access to my computer or that my internet isn't being re-routed or being intercepted in any way. I've been noticing strange anomalies occurring, i.e. cursor moving on its own, programs and icons being deleted unexpectedly, weird e-mails in different languages, my Bitdefender anti-virus popping up in Russian or some other language I've never seen, huge spikes in number of junk emails, etc. I'm starting to feel like I'm being paranoid but it's just too many things that add up that have me a little freaked out.

I've got my router and modem both locked down tight with strong admin and wifi passwords, firewall enabled, UPnP, telnet, ssh disabled, but I don't feel like it really does a whole lot if I were to unknowingly pick up a virus from using public wifi. If I were to use an old computer to build a UTM system using Sophos UTM Home Edition would that help to mitigate issues if I have a computer that's already infected? Would that help to prevent my traffic from being intercepted at all?

Good work, this is the basis for formulating a secure network. Now we have to look at the other issues of protecting the operating systems of those computers that connect to it so as not to open any doors.

"but I don't feel like it really does a whole lot if I were to unknowingly pick up a virus from using public wifi."

Precisely... The weakest link in any network, particularly server environments, is the user!

There are a few options such as your suggestion of utilizing UTM which would help, but it won't totally protect you if your operating system is somehow compromised.

Here is what I do on public WiFi: my number 1 goal is to isolate my main operating system on the machine I am using. I want to keep this 'clean' and away from prying eyes.

On my Win10 Pro laptop, I set up a Virtual Machine running a Linux distro (either Kali, Mint 18 Sarah, or Ubuntu) through Oracle VirtualBox. Linux is superior in configuration options and much harder than Windows to infect.

I don't keep any sensitive data on my VM, I simply use it to connect to and utilize P/Wifi and hotspots if I need to, thus isolating my main Windows environment.

As an extra measure, I run iptables and ClamAV on the VM configured with a ClamAV-daemon for automation.

I don't run the VM on my own network when I get back at home as I have no need to do so, thus I'm also isolating the network from anything I may have picked up at the local bar (if you know what I mean) as well.

Effectively, if by some chance the VM distro is compromised, I can just simply wipe it and reinstall it within about 10 minutes, fearing nothing.

Does this make sense?

Some may say this is over the top, but in today's online environment, I don't think so... it's just an added layer you can use for protection on public access.

Remember, when you're on your own network at home always obey the rules!

Always keep all of your software up to date!

Don't click links that are from prompts (i.e. update Adobe Reader or Flash Player, etc.). If you think anything may need updating, do it from the legitimate site in the URL bar.

Don't fall for social engineering methods to trick you into clicking, or visiting anything you shouldn't. No matter how legit it may seem, always do your research first (i.e. "Great holiday deals NOW" or phishing emails with links or attachments, etc.).

Never open mail you don't recognize or are suspicious of.

Be careful on peer-to-peer platforms like uTorrent etc.

Anyway, you get the drift... If it sounds too good to be true, it usually is! There is no such thing as a free lunch on today's www.

If you can develop good security configurations, and good browsing habits, you will be well ahead of the pack and always get a good night's sleep!
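
A client-only host firewall of the kind the reply describes for the throwaway VM, shown as an added example; it is not the poster's configuration or part of the original thread. The function names and the ruleset are assumptions, and the audit function can also be fed the VM's own `iptables-save` output.

```shell
#!/bin/sh
# Constructed example: default-deny inbound firewall for a disposable
# Linux VM that only ever acts as a client on public Wi-Fi.

# Print an iptables-restore ruleset for family 4 or 6 (hypothetical helper).
# Inbound and forwarded traffic is dropped unless it is loopback or a reply
# to a connection the VM opened itself; outbound is left open.
public_wifi_rules() {
    printf '%s\n' '*filter' \
        ':INPUT DROP [0:0]' \
        ':FORWARD DROP [0:0]' \
        ':OUTPUT ACCEPT [0:0]' \
        '-A INPUT -i lo -j ACCEPT' \
        '-A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT'
    # iptables rules do not cover IPv6; ip6tables needs its own copy, and
    # IPv6 breaks without ICMPv6 (neighbour discovery). Accepting all of
    # ICMPv6 is a simplification made for this example.
    if [ "$1" = 6 ]; then
        printf '%s\n' '-A INPUT -p ipv6-icmp -j ACCEPT'
    fi
    printf '%s\n' 'COMMIT'
}

# Audit a ruleset read from stdin. Returns 0 only if INPUT and FORWARD
# default to DROP and every INPUT ACCEPT rule is loopback, reply traffic
# or ICMPv6. iptables-save prints the states as RELATED,ESTABLISHED, so
# both orders are recognised.
audit_rules() {
    rules=$(cat)
    printf '%s\n' "$rules" | grep -q '^:INPUT DROP' || return 1
    printf '%s\n' "$rules" | grep -q '^:FORWARD DROP' || return 1
    exposed=$(printf '%s\n' "$rules" | grep -E '^-A INPUT .*-j ACCEPT' |
        grep -Ev -e '-i lo ' \
            -e 'ctstate (RELATED,ESTABLISHED|ESTABLISHED,RELATED) ' \
            -e '-p (ipv6-icmp|icmpv6) ' || true)
    [ -z "$exposed" ]
}

# Self-check that needs no root: the generated rulesets pass the audit.
public_wifi_rules 4 | audit_rules && echo "IPv4 ruleset: no unsolicited inbound"
public_wifi_rules 6 | audit_rules && echo "IPv6 ruleset: no unsolicited inbound"

# On the VM, as root:
#   public_wifi_rules 4 | iptables-restore
#   public_wifi_rules 6 | ip6tables-restore
#   iptables-save | audit_rules && echo "live rules OK"
```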